Amended Claims 



1. In a data processing apparatus comprising a first input channel and a second 
input channel each for inputting signals, a security device for verifying a password, 
and means for determining whether the password input to the security device 
comes from the second input channel, in which the security device will verify a 
correct password from the first input channel, but not from the second input 
channel, in which the security device is configured to receive signals from the first 
input channel and configured not to receive signals from the second input channel. 

2. A data processing apparatus according to claim 1, in which the device 
receives signals only from the first input channel. 

3. A data processing apparatus according to claim 1, in which the device cannot 
receive signals from the second input channel. 

4. A data processing apparatus according to claim 1, in which the apparatus 
further comprises means to determine whether the security device has verified the 
password and, if not, to vary operation of the apparatus. 

5. A data processing apparatus according to claim 1, in which the first input 
channel comprises a first peripheral input device. 

6. A data processing apparatus according to claim 5, in which the first peripheral 
input device comprises a keyboard and the security device is located to receive 
signals from the keyboard and transmit them to a keyboard controller or to a 
bus. 

7. A data processing apparatus according to claim 5, in which the device is located 
between the keyboard controller and the keyboard bus. 

8. A data processing apparatus according to claim 1, in which the apparatus 
further comprises a control unit (such as a CPU) which interrogates the security 
device to determine whether a correct password has been entered. 

9. A data processing apparatus according to claim 1, in which the device encrypts 
all signals it receives. 

10. A data processing apparatus according to claim 9, in which a decryption tool is 
provided between the output of the device and the application to which the key 
presses comprise instructions. 

11. A method of verifying which of a first input channel and a second input 
channel is used in data processing apparatus, the method comprising the steps of 
upon input of a password to the apparatus, a security device receiving input from 
the first input channel not from the second input channel declining password 
authorisation, if the input is through the second input channel, and if the correct 
password is input through the first input channel providing a password verification. 

12. A method according to claim 11, in which the method includes the step of 
determining whether the security device has verified the password and, if not, 
varying the operation of the apparatus. 

13. A method according to claim 12, in which a control unit (such as a CPU) 
interrogates the security device to determine whether the correct password has 
been entered. 

14. A method according to claim 11, in which the method includes the step of 
receiving signals only from the first input channel. 

15. A method according to claim 14, in which the data processing apparatus 
includes a device for receiving signals. 

16. A method according to claim 14, in which the device cannot receive signals 
from the second input channel. 

17. A method according to claim 11, in which the first input channel comprises a 
first peripheral input device. 

18. A method according to claim 17, in which the first peripheral input device 
comprises a keyboard and the security device is located to receive signals from 
the keyboard and transmit them to a keyboard controller or to a bus. 

19. A method according to claim 17, in which the device is located between the 
keyboard controller and the keyboard bus. 

20. A method according to claim 11, in which the apparatus further comprises a 
control unit (such as a CPU) which interrogates the security device to determine 
whether a correct password has been entered. 

WO 00/11535 PCT/GB99/02669 

IMPROVEMENTS IN AND RELATING TO DATA PROCESSING APPARATUS 
AND VERIFICATION METHODS 



Field of the Invention 

The present invention relates to data processing 
apparatus and to verification methods. 

Background to the Invention 

Despite the growing proliferation of computer hardware 
and software, there are still serious problems associated 
with data entry, and with the security of both hardware and 
software. Many new problems have arisen and others have 
become exacerbated as more and more computers are networked 
together and linked to the internet. One particular 
problem is that of remote hacking in which an unauthorised 
user seeks access to a computer or computer network by 
accessing the computer or a computer on the network 
otherwise than through a local keyboard or other local 
peripheral input device. 

The present invention aims to provide in preferred 
embodiments thereof, data processing apparatus and 
verification methods that address at least one of these 
problems. 

Summary of the Invention 

According to the present invention in a first aspect, 
there is provided in a data processing apparatus comprising 
a first input channel and a second input channel each for 
inputting signals, a security device for verifying a 
password, and means for determining whether the password 
input to the security device comes from the second input 
channel, in which the security device will verify a correct 
password from the first input channel, but not from the 
second input channel, in which the security device is 
configured to receive signals from the first input channel 
and configured not to receive signals from the second input 
channel. 

In this way, the device determines whether the password 
input thereto comes from the second input channel, ie it 
physically cannot come from this channel. 

Suitably, the device receives signals only from the 
first input channel. Suitably, the device cannot receive 
signals from the second input channel. 

Suitably, the apparatus further comprises means to 
determine whether the security device has verified the 
password and, if not, to vary operation of the apparatus. 
Normally, the variation will be a restriction in operation; 
typically it will render the apparatus unusable. 

Suitably, the first input channel comprises a first 
peripheral input device. Suitably, the first peripheral 
input device comprises a keyboard and the security device 
is located to receive signals from the keyboard and 
transmit them to a keyboard controller or to a bus. 
Suitably, the device is located between the keyboard 
controller and the keyboard bus. Here, "between" is in the 
electronic sense, ie receives output from the keyboard 
controller and generates an input for the keyboard bus. 
The device thus acts as an interface between the keyboard 
controller and the bus. 

Suitably, the apparatus further comprises a control 
unit (such as a CPU) which interrogates the security device 
to determine whether a correct password has been entered. 
A password protected operation is performed only if the 
control unit receives such verification. 

Suitably, the device encrypts all signals it receives. 
Suitably, a decryption tool is provided between the output 
of the device and the application to which the key presses 
comprise instructions. 

According to the present invention in a second aspect, 
there is provided a method of verifying which of a first 
input channel and a second input channel is used in data 
processing apparatus, the method comprising the steps of 
upon input of a password to the apparatus, a security 
device receiving input from the first input channel not 
from the second input channel declining password 
authorisation, if the input is through the second input 
channel, and if the correct password is input through the 
first input channel providing a password verification. 

Suitably, the method includes the step of determining 
whether the security device has verified the password and, 
if not, varying the operation of the apparatus. Normally, 
the variation will be a restriction in operation. 
Typically, it will render the apparatus unusable. 

Suitably, a control unit (such as a CPU) interrogates 
the security device to determine whether the correct 
password has been entered. 

Suitably, the method includes the step of receiving 
signals only from the first input channel. Suitably, the 
data processing apparatus includes a device for receiving 
signals. Suitably, the device cannot receive signals from 
the second input channel. 

Suitably, the first input channel comprises a first 
peripheral input device. Suitably, the first peripheral 
input device comprises a keyboard and the security device 
is located to receive signals from the keyboard and 
transmit them to a keyboard controller or to a bus. 
Suitably, the device is located between the keyboard 
controller and the keyboard bus. Here, "between" is in the 
electronic sense, ie receives output from the keyboard 
controller and generates an input for the keyboard bus. 
The device thus acts as an interface between the keyboard 
controller and the bus. 

Suitably, the apparatus further comprises a control 
unit (such as a CPU) which interrogates the security device 
to determine whether a correct password has been entered. 
A password protected operation is performed only if the 
control unit receives such verification. 

Brief Description of the Figure 

The present invention will now be described, by way of 
example only, with reference to the Figure that follows 
which is a schematic illustration of an electronic data 
processing apparatus embodying the present invention. 

Description of the Preferred Embodiments 

In one preferred embodiment of the present invention, 
there is provided an electronic data processing apparatus, 
typically a personal computer ("PC") 2. The PC 2 receives 
input signals from peripheral input devices (eg keyboard, 
data socket, pen, voice recognition microphone etc). The 
PC includes a keyboard 4 having an associated bus 6 and a 
keyboard controller 8 forming a first input channel from 
the keyboard 4. The PC 2 also has at least one further 
input channel 10 for signals corresponding to those from 
the keyboard 4. Typically, this further input channel 10 
will comprise a data socket for receipt of digital signals 
transmitted from a remote modem (not shown). The PC 2 
generally treats signals received via the data socket in 
the same way as those received from the keyboard 4, except 
as set out below. 

A security device 12 is located between the keyboard 
controller 8 and the bus 6. That is, the security device 
12 is located to receive signals from the first input 
channel (the keyboard 4), but not from the further input 
channel (the data socket 10). The security device 12 has 
the following characteristics. 

(i) It includes a fast and reversible 
encryption/decryption algorithm such as DES or T-code. 

(ii) It has a volatile memory Random Access Memory 
(RAM) including authorisation codes or an 
algorithm therefor, or pre-stored password and 
means for checking whether an input password or 
code matches such an authorisation code or 
password. 

(iii) It includes a real-time clock powered by a power 
supply. 

The security device 12 is typically embodied in a board 
(not shown) including a microprocessor. The board may be 
integral to the PC 2 or be a separate plug-in board. 

The security device 12 requires a password to be input 
to pass keyboard signals to the bus 8. If the password is 
not provided on demand (a limited number of tries may be 
permitted before a lock-out) the security device 12 will 
either block signals or vary them, for instance by 
encryption, to be unusable. The security device 12 is 
configured so that upon receipt of the correct password it 
is activated for a predetermined period of time, according 
to the in-built real-time clock. The period of time can be 
varied based upon the password or other authorisation 
received. While activated, the security device 12 
transmits keyboard signals unaltered. When not activated 
it is in the encryption state and encrypts signals passing 
therethrough (or may block them). Thus, while in the 
encryption state the central processing unit ("CPU") of PC 
2 cannot understand the output of keyboard 8. 

The security device 12 when activated and authorised 
receives input signals from the keyboard bus and outputs 
them to the keyboard controller. The delay is 
insignificant. 

In use, the PC 2 is configured to require a password 
before permitting access to certain functions or data 
(which may be all functions and/or data). By way of 
example, a word-processing file may be password protected. 
Before permitting access to the file, the PC CPU requires 
confirmation from the security device 12 that the correct 
password has been entered. Only if the CPU receives 
verification from the security device that the correct 
password has been entered will it perform the password 
protected operation. Since the security device 12 can only 
receive inputs from the keyboard, it is not possible to 
enter the password from any other source. 

In this way, it is possible to verify the physical 
presence of a user. If signals are input to the PC via a 
modem, for instance from a "hacker", they will not be 
received via the keyboard input channel and so the password 
cannot be verified. Thus access can be denied to remote 
users or additional security measures put in place before 
allowing them access. 

Typically, data will be encrypted and decryption will 
only be permitted upon verification from the security 
device 12. 

Preferred embodiments of the present invention also 
enable a security enhancement to be provided to prevent 
"key logging" attacks. This is where a hacker loads a 
short application on to a PC to be attacked, which 
application interrogates the operating system to determine 
each keystroke as it is pressed. A record of keystrokes 
can be used to inspect confidential information and/or 
retrieve passwords. 

To prevent this the security device 12 can be set to 
encrypt all key presses according to a predetermined 
encryption algorithm. An encryption algorithm is used to 
ensure that generally a given key press when repeated does 
not generate as an output from the security device 12 the 
same output. A tool is additionally provided between the 
operating system and the application to be controlled by 
the key presses to decrypt the encrypted key press data. 
Therefore since the key press information available to the 
operating system is encrypted it is of no use to a key 
logger. 
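
The behaviour described above for the security device 12 (a password accepted only from the keyboard channel, a limited number of tries before lock-out, activation for a period measured by the real-time clock, interrogation by the CPU, and optional encryption of every key press with a decryption tool downstream) is modelled below in C. This is an added illustration, not code from the specification: all function names, the try limit, the activation period and the choice to block rather than encrypt key presses while locked are assumptions, and a toy keystream stands in for DES.

```c
/* Added model of security device 12; all names and constants are assumptions. */
#include <stdint.h>
#include <string.h>

#define MAX_TRIES   3u    /* assumed: "a limited number of tries" */
#define ACTIVE_SECS 600u  /* assumed activation period, in seconds */
#define PW_MAX      16

enum sd_state { SD_LOCKED, SD_ACTIVE, SD_LOCKED_OUT };
enum channel  { CH_KEYBOARD, CH_SOCKET };

struct secdev {
    enum sd_state st;
    char stored[PW_MAX], typed[PW_MAX]; /* pre-stored password, typed candidate */
    size_t n;                           /* PW_MAX marks an over-long candidate */
    unsigned tries;
    uint32_t expires;                   /* real-time clock value ending activation */
    uint32_t key, ctr;                  /* toy keystream state */
    int encrypt_all;                    /* anti-key-logging mode */
};

void secdev_init(struct secdev *d, const char *pw, uint32_t key, int encrypt_all) {
    memset(d, 0, sizeof *d);            /* zeroed state is SD_LOCKED */
    strncpy(d->stored, pw, PW_MAX - 1);
    d->key = key;
    d->encrypt_all = encrypt_all;
}

/* Toy keystream, NOT a cipher: stands in for DES run in a counter-style mode.
 * 73 is odd, so consecutive counters always give different bytes. */
static uint8_t keystream(uint32_t key, uint32_t ctr) {
    return (uint8_t)((key + 73u * ctr) ^ (key >> 8));
}

/* Decryption tool placed between the operating system and the application. */
uint8_t tool_decrypt(uint32_t key, uint32_t ctr, uint8_t c) {
    return (uint8_t)(c ^ keystream(key, ctr));
}

/* Keyboard-side input: returns the byte forwarded to the PC, or -1 if blocked. */
int secdev_key(struct secdev *d, uint8_t ch, uint32_t now) {
    if (d->st == SD_ACTIVE && now >= d->expires)
        d->st = SD_LOCKED;                       /* activation period is over */
    if (d->st == SD_LOCKED_OUT)
        return -1;
    if (d->st == SD_ACTIVE)                      /* pass through, or encrypt all */
        return d->encrypt_all ? (ch ^ keystream(d->key, d->ctr++)) : ch;
    if (ch != '\n') {                            /* locked: collect the candidate */
        if (d->n < PW_MAX - 1) d->typed[d->n++] = (char)ch;
        else d->n = PW_MAX;
        return -1;
    }
    unsigned char diff = (d->n == PW_MAX);
    for (size_t i = 0; i < PW_MAX; i++)          /* fixed-length comparison */
        diff |= (unsigned char)(d->typed[i] ^ d->stored[i]);
    memset(d->typed, 0, sizeof d->typed);
    d->n = 0;
    if (diff == 0) {
        d->st = SD_ACTIVE;
        d->tries = 0;
        d->expires = now + ACTIVE_SECS;
    } else if (++d->tries >= MAX_TRIES) {
        d->st = SD_LOCKED_OUT;                   /* lock-out after too many tries */
    }
    return -1;
}

/* CPU interrogation: correct password entered and activation still running? */
int secdev_verified(const struct secdev *d, uint32_t now) {
    return d->st == SD_ACTIVE && now < d->expires;
}

/* PC input routing: only the keyboard channel is wired through the device. */
int pc_input(struct secdev *d, enum channel c, const char *s, uint32_t now) {
    int last = -1;                               /* last byte the CPU saw */
    for (; *s; s++)
        last = (c == CH_KEYBOARD) ? secdev_key(d, (uint8_t)*s, now) : (uint8_t)*s;
    return last;
}
```

Feeding the correct password to `pc_input` on `CH_SOCKET` leaves `secdev_verified` at 0, while the same bytes on `CH_KEYBOARD` set it to 1 until the activation period expires.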

Although reference is made herein to a "password", that 
can comprise any signal or combination of signals and need 
not be a "word" at all. 

Clearly, in certain embodiments the apparatus may only 
verify input from other inputs, usually being peripheral 
input devices. 

The reader's attention is directed to all papers 
and documents which are filed concurrently with or previous 
to this specification in connection with this application 
and which are open to public inspection with this 
specification, and the contents of all such papers and 
documents are incorporated herein by reference. 

All of the features disclosed in this specification 
(including any accompanying claims, abstract and drawings), 
and/or all of the steps of any method or process so 
disclosed, may be combined in any combination, except 
combinations where at least some of such features and/or 
steps are mutually exclusive. 

Each feature disclosed in this specification (including 
any accompanying claims, abstract and drawings), may be 
replaced by alternative features serving the same, 
equivalent or similar purpose, unless expressly stated 
otherwise. Thus, unless expressly stated otherwise, each 
feature disclosed is one example only of a generic series 
of equivalent or similar features. 



The invention is not restricted to the details of the 
foregoing embodiment(s). The invention extends to any 
novel one, or any novel combination, of the features 
disclosed in this specification (including any accompanying 
claims, abstract and drawings), or to any novel one, or any 
novel combination, of the steps of any method or process so 
disclosed. 

Claims 

1. In a data processing apparatus comprising a first input 
channel and a second input channel each for inputting 
signals, a security device for verifying a password, and 
means for determining whether the password input to the 
security device comes from the second input channel, in 
which the security device will verify a correct password 
from the first input channel, but not from the second input 
channel, in which the security device is configured to 
receive signals from the first input channel and configured 
not to receive signals from the second input channel. 

2. A data processing apparatus according to claim 1, in 
which the device receives signals only from the first input 
channel. 

3. A data processing apparatus according to claim 1 or 
claim 2, in which the device cannot receive signals from 
the second input channel. 

4. A data processing apparatus according to any preceding 
claim, in which the apparatus further comprises means to 
determine whether the security device has verified the 
password and, if not, to vary operation of the apparatus. 

5. A data processing apparatus according to any preceding 
claim, in which the first input channel comprises a first 
peripheral input device. 

6. A data processing apparatus according to claim 5, in 
which the first peripheral input device comprises a 
keyboard and the security device is located to receive 
signals from the keyboard and transmit them to a keyboard 
controller or to a bus. 

7. A data processing apparatus according to claim 5 or 
claim 6, in which the device is located between the 
keyboard controller and the keyboard bus. 

8. A data processing apparatus according to any preceding 
claim, in which the apparatus further comprises a control 
unit (such as a CPU) which interrogates the security device 
to determine whether a correct password has been entered. 

9. A data processing apparatus according to any preceding 
claim, in which the device encrypts all signals it 
receives. 

10. A data processing apparatus according to claim 9, in 
which a decryption tool is provided between the output of 
the device and the application to which the key presses 
comprise instructions. 

11. A method of verifying which of a first input channel 
and a second input channel is used in data processing 
apparatus, the method comprising the steps of upon input of 
a password to the apparatus, a security device receiving 
input from the first input channel not from the second 
input channel declining password authorisation, if the 
input is through the second input channel, and if the 
correct password is input through the first input channel 
providing a password verification. 



12. A method according to claim 11, in which the method 
includes the step of determining whether the security 
device has verified the password and, if not, varying the 
operation of the apparatus. 

13. A method according to claim 12, in which a control unit 
(such as a CPU) interrogates the security device to 
determine whether the correct password has been entered. 

14. A method according to any one of claims 11 to 13, in 
which the method includes the step of receiving signals 
only from the first input channel. 

15. A method according to claim 14, in which the data 
processing apparatus includes a device for receiving 
signals. 

16. A method according to claim 14 or claim 15, in which 
the device cannot receive signals from the second input 
channel. 

17. A method according to any one of claims 11 to 16, in 
which the first input channel comprises a first peripheral 
input device. 

18. A method according to claim 17, in which the first 
peripheral input device comprises a keyboard and the 
security device is located to receive signals from the 
keyboard and transmit them to a keyboard controller or to a 
bus. 

19. A method according to claim 17 or claim 18, in which 
the device is located between the keyboard controller and 
the keyboard bus. 

20. A method according to any one of claims 11 to 19, in 
which the apparatus further comprises a control unit (such 
as a CPU) which interrogates the security device to 
determine whether a correct password has been entered. 

names are listed below) of the subject matter which is claimed and for which a patent is sought on the invention entitled: 



IMPROVEMENTS IN AND RELATING TO 
DATA PROCESSING APPARATUS AND VERIFICATION METHODS 
(Title of the Invention) 

the specification of which 

□ is attached hereto 
OR 
☑ was filed on (MM/DD/YYYY) 02/16/2001 as United States Application Number or PCT International 
Application Number 

and was amended on (MM/DD/YYYY) (if applicable). 



I hereby state that I have reviewed and understand the contents of the above identified specification, including the claims, as 
amended by any amendment specifically referred to above. 

I acknowledge the duty to disclose information which is material to patentability as defined in 37 CFR 1.56, including for continuation- 
in-part applications, material information which became available between the filing date of the prior application and the national or 
PCT international filing date of the continuation-in-part application. 



I hereby claim foreign priority benefits under 35 U.S.C. 119(a)-(d) or 365(b) of any foreign application(s) for patent or inventor's 
certificate, or 365(a) of any PCT international application which designated at least one country other than the United States of 
America, listed below and have also identified below, by checking the box, any foreign application for patent or inventor's 



Prior Foreign Application Number(s): GB 9818184.5 
Country: Great Britain 
Foreign Filing Date (MM/DD/YYYY): 08/20/1998 
Priority Not Claimed: □ 
Certified Copy Attached? YES □ NO □ 

□ Additional foreign application numbers are listed on a supplemental priority data sheet PTO/SB/02B attached hereto. 
I hereby claim the benefit under 35 U.S.C. 119(e) of any United States provisional application(s) listed below. 

Application Number(s)    Filing Date (MM/DD/YYYY) 

□ Additional provisional application numbers are listed on a supplemental priority data sheet 
PTO/SB/02B attached hereto. 

DECLARATION — Utility or Design Patent Application 



Direct all correspondence to: 

Customer Number or Bar Code Label: 23638 PATENT TRADEMARK OFFICE 

I hereby declare that all statements made herein of my own knowledge are true and that all statements made on information and belief 
are believed to be true; and further that these statements were made with the knowledge that willful false statements and the like so 
made are punishable by fine or imprisonment, or both, under 18 U.S.C. 1001 and that such willful false statements may jeopardize the 
validity of the application or any patent issued thereon. 



NAME OF SOLE OR FIRST INVENTOR: 

□ A petition has been filed for this unsigned inventor 

Given Name (first and middle [if any]): Melih 
Family Name or Surname: ABDULHAYOGLU 
Residence: City: Bradford, West Yorkshire; Country: Great Britain 
Citizenship: Great Britain 
Mailing Address: 10 Hey Street, Bradford 
City: West Yorkshire; ZIP: BD7 1DQ; Country: Great Britain 

□ Additional inventors are being named on the supplemental Additional Inventor(s) sheet(s) PTO/SB/02A attached hereto. 